Alle sabato 03 marzo 2012, Martin Grigorov ha scritto:
> Hi,
>
> Save the logged in user id in the Session.
>
> MySession.java:
>
> private long userId;
>
> public User getUser() {
> return userService.getUserById(userId);
> }
>
>
> AnyPage.java:
> user = MySession.get().getUser();
>
Thank you, for support and explanation code, very useful because I am a newbie.
Just one another answer: Is it secure?
Can someone alter session data and change user data, so an hacher could log
with own account but operate with other accounts?
Do I need some random code like this "hdfds6yh6yhgtruifh4hf4frh9ruehfe" to
store temporanealy in session and database and associate it to a specific user?
> > I added registration and user/password sign-in and checking with database,
> > instead of simple "wicket" as user and password.
> > All works ok, but now I need in AdminPage to known which user is logged in.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@wicket.apache.org
For additional commands, e-mail: users-h...@wicket.apache.org
